SUSE-SU-2025:3700-1

Опубликовано: 21 окт. 2025

Источник: suse-cvrf

Описание

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues:

CVE-2025-43343: improved memory handling in web content processing to prevent process crash (bsc#1251975)
CVE-2025-43272: improved memory handling to prevent unexpected process crash (bsc#1250439)
CVE-2025-43342: correctness issue was addressed with improved checks to prevent unexcepted process crash (bsc#1250440)
CVE-2025-43356: improved handling of caches to prevent sensor access without consent (bsc#1250441)
CVE-2025-43368: improved memory management to prevent a use-after-free (bsc#1250442)

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_1-0-2.50.1-150400.4.127.3

libjavascriptcoregtk-6_0-1-2.50.1-150400.4.127.3

libwebkit2gtk-4_0-37-2.50.1-150400.4.127.3

libwebkit2gtk-4_1-0-2.50.1-150400.4.127.3

libwebkitgtk-6_0-4-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_0-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150400.4.127.3

webkit2gtk-4_0-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk-4_1-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk3-devel-2.50.1-150400.4.127.3

webkit2gtk3-soup2-devel-2.50.1-150400.4.127.3

webkitgtk-6_0-injected-bundles-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_1-0-2.50.1-150400.4.127.3

libjavascriptcoregtk-6_0-1-2.50.1-150400.4.127.3

libwebkit2gtk-4_0-37-2.50.1-150400.4.127.3

libwebkit2gtk-4_1-0-2.50.1-150400.4.127.3

libwebkitgtk-6_0-4-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_0-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150400.4.127.3

webkit2gtk-4_0-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk-4_1-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk3-devel-2.50.1-150400.4.127.3

webkit2gtk3-soup2-devel-2.50.1-150400.4.127.3

webkitgtk-6_0-injected-bundles-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_1-0-2.50.1-150400.4.127.3

libjavascriptcoregtk-6_0-1-2.50.1-150400.4.127.3

libwebkit2gtk-4_0-37-2.50.1-150400.4.127.3

libwebkit2gtk-4_1-0-2.50.1-150400.4.127.3

libwebkitgtk-6_0-4-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_0-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150400.4.127.3

webkit2gtk-4_0-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk-4_1-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk3-devel-2.50.1-150400.4.127.3

webkit2gtk3-soup2-devel-2.50.1-150400.4.127.3

webkitgtk-6_0-injected-bundles-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_1-0-2.50.1-150400.4.127.3

libjavascriptcoregtk-6_0-1-2.50.1-150400.4.127.3

libwebkit2gtk-4_0-37-2.50.1-150400.4.127.3

libwebkit2gtk-4_1-0-2.50.1-150400.4.127.3

libwebkitgtk-6_0-4-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_0-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150400.4.127.3

webkit2gtk-4_0-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk-4_1-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk3-devel-2.50.1-150400.4.127.3

webkit2gtk3-soup2-devel-2.50.1-150400.4.127.3

webkitgtk-6_0-injected-bundles-2.50.1-150400.4.127.3

SUSE Linux Enterprise Server 15 SP4-LTSS

WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_1-0-2.50.1-150400.4.127.3

libjavascriptcoregtk-6_0-1-2.50.1-150400.4.127.3

libwebkit2gtk-4_0-37-2.50.1-150400.4.127.3

libwebkit2gtk-4_1-0-2.50.1-150400.4.127.3

libwebkitgtk-6_0-4-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_0-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150400.4.127.3

webkit2gtk-4_0-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk-4_1-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk3-devel-2.50.1-150400.4.127.3

webkit2gtk3-soup2-devel-2.50.1-150400.4.127.3

webkitgtk-6_0-injected-bundles-2.50.1-150400.4.127.3

SUSE Linux Enterprise Server 15 SP5-LTSS

WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_1-0-2.50.1-150400.4.127.3

libjavascriptcoregtk-6_0-1-2.50.1-150400.4.127.3

libwebkit2gtk-4_0-37-2.50.1-150400.4.127.3

libwebkit2gtk-4_1-0-2.50.1-150400.4.127.3

libwebkitgtk-6_0-4-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_0-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150400.4.127.3

webkit2gtk-4_0-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk-4_1-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk3-devel-2.50.1-150400.4.127.3

webkit2gtk3-soup2-devel-2.50.1-150400.4.127.3

webkitgtk-6_0-injected-bundles-2.50.1-150400.4.127.3

SUSE Linux Enterprise Server for SAP Applications 15 SP4

WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_1-0-2.50.1-150400.4.127.3

libjavascriptcoregtk-6_0-1-2.50.1-150400.4.127.3

libwebkit2gtk-4_0-37-2.50.1-150400.4.127.3

libwebkit2gtk-4_1-0-2.50.1-150400.4.127.3

libwebkitgtk-6_0-4-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_0-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150400.4.127.3

webkit2gtk-4_0-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk-4_1-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk3-devel-2.50.1-150400.4.127.3

webkit2gtk3-soup2-devel-2.50.1-150400.4.127.3

webkitgtk-6_0-injected-bundles-2.50.1-150400.4.127.3

SUSE Linux Enterprise Server for SAP Applications 15 SP5

WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_1-0-2.50.1-150400.4.127.3

libjavascriptcoregtk-6_0-1-2.50.1-150400.4.127.3

libwebkit2gtk-4_0-37-2.50.1-150400.4.127.3

libwebkit2gtk-4_1-0-2.50.1-150400.4.127.3

libwebkitgtk-6_0-4-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_0-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_1-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_1-2.50.1-150400.4.127.3

webkit2gtk-4_0-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk-4_1-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk3-devel-2.50.1-150400.4.127.3

webkit2gtk3-soup2-devel-2.50.1-150400.4.127.3

webkitgtk-6_0-injected-bundles-2.50.1-150400.4.127.3

SUSE Manager Proxy LTS 4.3

WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

libwebkit2gtk-4_0-37-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150400.4.127.3

webkit2gtk-4_0-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk3-soup2-devel-2.50.1-150400.4.127.3

SUSE Manager Server LTS 4.3

WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

libwebkit2gtk-4_0-37-2.50.1-150400.4.127.3

typelib-1_0-JavaScriptCore-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2-4_0-2.50.1-150400.4.127.3

typelib-1_0-WebKit2WebExtension-4_0-2.50.1-150400.4.127.3

webkit2gtk-4_0-injected-bundles-2.50.1-150400.4.127.3

webkit2gtk3-soup2-devel-2.50.1-150400.4.127.3

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20253700-1/
Link for SUSE-SU-2025:3700-1
https://lists.suse.com/pipermail/sle-updates/2025-October/042239.html
E-Mail link for SUSE-SU-2025:3700-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1250439
SUSE Bug 1250439
https://bugzilla.suse.com/1250440
SUSE Bug 1250440
https://bugzilla.suse.com/1250441
SUSE Bug 1250441
https://bugzilla.suse.com/1250442
SUSE Bug 1250442
https://bugzilla.suse.com/1251975
SUSE Bug 1251975
https://www.suse.com/security/cve/CVE-2025-43272/
SUSE CVE CVE-2025-43272 page
https://www.suse.com/security/cve/CVE-2025-43342/
SUSE CVE CVE-2025-43342 page
https://www.suse.com/security/cve/CVE-2025-43343/
SUSE CVE CVE-2025-43343 page
https://www.suse.com/security/cve/CVE-2025-43356/
SUSE CVE CVE-2025-43356 page
https://www.suse.com/security/cve/CVE-2025-43368/
SUSE CVE CVE-2025-43368 page

Описание

The issue was addressed with improved memory handling. This issue is fixed in Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

Ссылки

https://www.suse.com/security/cve/CVE-2025-43272.html
CVE-2025-43272
https://bugzilla.suse.com/1250439
SUSE Bug 1250439

Описание

A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

Ссылки

https://www.suse.com/security/cve/CVE-2025-43342.html
CVE-2025-43342
https://bugzilla.suse.com/1250440
SUSE Bug 1250440

Описание

The issue was addressed with improved memory handling. This issue is fixed in tvOS 26, Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

Ссылки

https://www.suse.com/security/cve/CVE-2025-43343.html
CVE-2025-43343
https://bugzilla.suse.com/1251975
SUSE Bug 1251975

Описание

The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A website may be able to access sensor information without user consent.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

Ссылки

https://www.suse.com/security/cve/CVE-2025-43356.html
CVE-2025-43356
https://bugzilla.suse.com/1250441
SUSE Bug 1250441

Описание

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-4.0-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-4.1-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:WebKitGTK-6.0-lang-2.50.1-150400.4.127.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libjavascriptcoregtk-4_0-18-2.50.1-150400.4.127.3

Ссылки

https://www.suse.com/security/cve/CVE-2025-43368.html
CVE-2025-43368
https://bugzilla.suse.com/1250442
SUSE Bug 1250442

SUSE-SU-2025:3700-1

Описание

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

SUSE Linux Enterprise Server 15 SP4-LTSS

SUSE Linux Enterprise Server 15 SP5-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP4

SUSE Linux Enterprise Server for SAP Applications 15 SP5

SUSE Manager Proxy LTS 4.3

SUSE Manager Server LTS 4.3

Ссылки

Уязвимость: CVE-2025-43272

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-43342

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-43343

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-43356

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-43368

Описание

Затронутые продукты

Ссылки